University Community Encouraged to Watch for Website Phishing Schemes

In an effort to educate our University community, Information Technology Services (ITS) wants to make you aware of the different types of phishing schemes that can adversely affect your electronic devices or potentially expose your personally identifiable information.

Phishing is an attempt by a person posing as a trustworthy entity in electronic communication to acquire information such as usernames, passwords and credit card details and, in some cases, money.

Here are some good tips for how to stay secure when browsing with your computer or other devices:

  • Think before you click. If you receive a suspicious email or browser screen pop ups, don’t click the links in the email or open file attachments from anything but 100-percent trusted sources. When in doubt, throw it out.
  • Check the URL. Get in the habit of looking at the address line. Does the address line display something different like "hxxp://www.gotyouscammed.com/login.htm?" Be aware of where you are going.
  • Test Web links. VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, Trojans and all kinds of malware.
  • Always go direct. The best thing you can do to avoid phishing scams is always go directly to the website you want to visit rather than clicking a link. Make it a habit to manually enter the address of any banking, shopping, auction or financial transaction website yourself and not depend on displayed links or links in email.
  • Make sure all your browsers are up to date.
  • Make sure your browser plug-ins are up to date. A free and great resource to check your browser’s plug-ins is the Browser Check from Qualys.
  • Utilize your browser's built-in tools. Most browsers come with some phishing protection built in to help protect you, but it isn't always enabled by default.

 

Recently a faculty member recieved a malicious email that was meant to look like an automated message sent from blackboard:

From: BlackBoard <skdl@mysch.edu>

Subject: Important Mail

Date: March 1, 2017 at 1:43:51 PM EST

To: Faculty Doe <doef@ferris.edu>

 


Dear user :


Your Admin faculty has left two important course work in your Blackboard area.

Please click below to read your messages

<maliciousblackboardlink>


Note : The link above will be inactive after 10 minutes when mail has been read.


Regards

Blackboard ITS

Note the generic "Important Email" subject message, attackers will often use fluff words like these to grab a users attention. Also notice the non-ferris/blackboard email. Always double check with TAC or ITS if you recieve any emails that appear to be suspicious.


 If you have any questions or concerns, call the Technology Assistance Center (TAC) at (231) 591-4822 or toll free at (877) 779-4822.

Thank you,

Ferris Information Technology Services